Cyber Uncut

Daniel Croft and David Hollingworth tackle the challenges of linking your finances to an AI agent, break down the Qilin ransomware group's Aussie rampage, the ransom payment dilemma, and round up a week of wins for fighting cyber crime.
Australians may soon be able to link their banking details directly with platforms like OpenAI, but is that wise? Croft has recently uncovered a stellar example of why you may want to think twice before clicking "Yes".
The pair have been investigating a trio of Qilin ransomware attacks this week, and the victims are all investigating the hackers' claims – but Qilin is acting very strange and not sharing any details of the hacks themselves. Hollingworth and Croft have some suspicions, making this a threat intelligence assessment not to miss.
The podcast closes out with a week of law enforcement wins, with cyber criminals both abroad and at home getting their just deserts. You love to see it.
Just another week in cyber security.
Enjoy,
The Cyber Uncut team

Daniel Croft and David Hollingworth analyse the Albanese government's budget, the Instructure breach and ransom payments, and Dan Marks from Austrade chats with SailPoint's federal chief technology officer.
Jim Chalmers has handed down another Labor budget, and while it seems like not a lot for cyber security, Hollingworth thinks the heavy lifting has already been done – do you agree?
Then it's on to a massive issue – do you pay a ransom to cyber criminals? That is possibly what learning platform provider Instructure may have done. The pair break that down, from the morality to the fact that sometimes, that may be the best choice. But can you trust a criminal? The jury, as they say, is out.
And once again, we are joined by Dan Marks, investment director and cyber security lead for Austrade, who sat down with Frank Briguglio, federal chief technology officer at SailPoint, at the recent RSA Conference.
Just another week in cyber security.
Enjoy,
The Cyber Uncut team

Each and every day, the world is becoming more unpredictable, yet Australia continues with the post-Cold War status quo. As things continue to deteriorate, we're going to have to ask ourselves some particularly confronting questions.

Australia and its allies are entering an "age of chaos" in which the assumptions that shaped the post-Cold War order are rapidly breaking down.
Rather than dealing with isolated crises that can be managed and resolved individually, governments, militaries, and societies are now confronting overlapping and mutually reinforcing disruptions, including strategic competition, technological upheaval, economic fragmentation, supply chain vulnerability, and the rise of networked authoritarian powers.
Central to Australia's response is understanding the distinction between traditional "crisis management" and "chaos management". Crisis management assumes stability will eventually return and institutions can revert to previous norms once a disruption passes. Chaos management, by contrast, accepts that instability, uncertainty, and persistent competition are now enduring features of the strategic environment.
In this episode of the Contested Ground podcast, host Steve Kuper is joined by expert defence and security analyst and White House veteran Robbin Laird to discuss the impact of the emergence of the era of disruption.
This only becomes more important and pivotal as we grapple with the reality that the international system is no longer defined by uncontested Western dominance, nor is it returning to a simple Cold War-style bipolar structure.
Rather, the world is evolving into a fragmented and highly interconnected environment where economic dependency and geopolitical rivalry coexist simultaneously, particularly between the United States and China. This creates strategic complexity for middle powers such as Australia, whose decisions on defence, trade, industrial policy, and alliances will increasingly shape the balance of power in the Indo-Pacific and beyond.
Australia's response to this is recognising the growing importance of resilience and sovereign capability. The author argues that efficiency and globalisation can no longer be the sole priorities for democratic nations if they undermine strategic security. Supply chains, industrial capacity, digital infrastructure, and technological innovation are increasingly viewed as national security issues rather than purely economic considerations.
In this context, adaptability, redundancy, and the ability to rapidly regenerate capability are presented as critical determinants of national power. Ultimately, democratic nations must rethink how they approach leadership, preparedness, and strategy in a world defined by accelerating disruption.
Rather than attempting to restore an increasingly obsolete status quo, governments and institutions must develop the capacity to operate effectively amid prolonged uncertainty, while strengthening alliances, industrial resilience, and societal cohesion to navigate an increasingly contested global order.
Enjoy the podcast,
The Contested Ground Team

Australian students and teachers have been compromised by an international data breach, with thousands of kids likely impacted. David Hollingworth and Daniel Croft break down how it happened, why it matters, and what schools need to do to protect themselves. PLUS! Cyber Daily partners with Austrade to bring you a series of interviews direct from the RSA Conference 2026.

Artificial intelligence is having an impact on almost every industry, and finance is no exception – that's why the US Federal Reserve is helping the sector navigate the global impact of AI. And while organisations are adopting the technology at pace, they're often too slow to secure it. Understand why that matters and what your organisation can do.
The big news of the week stems from a breach of cloud education platform provider Instructure, and Aussie schools – and staff and students – have already been compromised. Find out what happened, who did the hacking, and what it means for the education sector at large. If you're a school CISO, this is vital information!
Finally, the podcast wraps up with a pair of special guests, as Austrade's investment director at the Australian embassy in Washington sits down with ThreatLocker's Rob Allen to talk about the company's philosophy, its operations in Australia, and the importance of application control in the modern enterprise.
Just another week in cyber security.
Enjoy,
The Cyber Uncut team

Qualys ANZ managing director Sam Salehi joins the Cyber Uncut podcast to expose the expanding AI attack surface, the governance gaps exposing organisations, and why boards must translate cyber risk into dollars to take it seriously.

This week on the Cyber Uncut podcast, host Liam Garman speaks with Qualys ANZ managing director Sam Salehi about the rapidly evolving "AI attack surface" – from shadow AI usage and prompt injection risks to data leakage and model vulnerabilities – and why a lack of visibility is leaving businesses exposed before they even realise it.
Salehi outlines the core problem facing security leaders: organisations often don't know what AI tools are already in use, let alone how to secure them. The conversation explores how fragmented tooling, poor asset inventory, and missing business context are undermining risk management efforts, while boards continue to push AI adoption for efficiency gains. Salehi argues that leaders are flying blind, prioritising the wrong threats while leaving critical exposures unaddressed.
From data minimisation and API security to continuous monitoring and the rise of the "risk operations centre", Salehi emphasises the need for a unified, risk-based approach. His bottom line is blunt: in an environment where exploitation timelines are shrinking to hours, the only metric that matters is how quickly organisations can detect and close exposure – before attackers do.
Enjoy,
The Cyber Uncut team